Unusual use of ssh
Derek Ragona
derek at computinginnovations.com
Thu May 22 00:06:44 UTC 2008
At 06:35 PM 5/21/2008, Doug Hardie wrote:
>I have an unusual situation that I suspect is not practical, but just
>in case...
>
>I have a class C network with a T1 to the internet. There are a
>number of hosts on that network. Unfortunately the T1 line is just
>part of a path with several additional links before it gets to the
>upstream ISP. Some of those links are relatively prone to outages.
>In the same facility, I have a number of WiFi access points that are
>connected through a router to a DSL connection to the internet. That
>path is completely independent from the T1 and actually goes through a
>completely different set of central offices.
>
>What I have tried to do is to link the DSL router to one of my hosts
>via a separate NIC and address that is on the LAN of the WiFi router.
>So far all is good. I can ping any of the access points from that
>host just fine. I have established a pass through port in the DSL
>router for SSH that sends the packets to that host. Sure enough, ssh
>packets are received by the host. The problem is that it does not
>respond on the right interface. The routing table uses a default
>route through the T1. That's where the sshd responses are being sent.
>
>Since I have no a priori knowledge what IPs I would have available
>when I need to use this back door, I can't pre-setup the routing
>table. I need sshd to respond on the same interface it receives the
>packets from. I don't believe that is possible using IPv4 routing. I
>think that it is using IPv6 but none of the networks involved support
>that yet. I don't find any option in sshd to force it to respond on
>the right interface either. Is there something I have missed?
You need to set the correct listen address in /etc/sshd_config then restart
sshd.
Also you may need to provide a route for this interface if it cannot find
its own route.
-Derek
More information about the freebsd-questions
mailing list
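
An added illustration, not part of the original thread: a small model of the destination-based route lookup described in the question, showing why a reply to a client that arrived through the DSL port forward leaves via the T1 default route, and how a static route toward the client's network changes the egress interface. All addresses, interface names and function names are constructed for the example, and it assumes the DSL router forwards the SSH packets without rewriting the client's source address.

```python
import ipaddress

# Constructed addresses (documentation ranges), not taken from the post.
T1_NET = "198.51.100.0/24"    # stands in for the class C behind the T1
WIFI_LAN = "192.168.1.0/24"   # stands in for the LAN of the WiFi/DSL router
T1_GATEWAY = "198.51.100.1"
DSL_ROUTER = "192.168.1.1"

def base_table():
    """Routing table of the dual-homed host: (prefix, gateway, interface)."""
    return [
        (ipaddress.ip_network("0.0.0.0/0"), T1_GATEWAY, "t1_nic"),  # default route
        (ipaddress.ip_network(T1_NET), None, "t1_nic"),             # connected
        (ipaddress.ip_network(WIFI_LAN), None, "dsl_nic"),          # connected
    ]

def lookup(table, dst):
    """Longest-prefix match on the destination address only.

    The interface the request arrived on plays no part in the decision.
    """
    addr = ipaddress.ip_address(dst)
    matches = [route for route in table if addr in route[0]]
    return max(matches, key=lambda route: route[0].prefixlen)

def reply_interface(table, client_ip):
    """Interface an sshd reply addressed to client_ip leaves on."""
    return lookup(table, client_ip)[2]

def add_route(table, prefix, gateway, interface):
    """Return a copy of the table with one more static route."""
    return table + [(ipaddress.ip_network(prefix), gateway, interface)]

if __name__ == "__main__":
    client = "203.0.113.25"  # constructed remote client reaching sshd via the DSL forward
    table = base_table()
    print("reply without extra route:", reply_interface(table, client))
    fixed = add_route(table, "203.0.113.0/24", DSL_ROUTER, "dsl_nic")
    print("reply with static route:  ", reply_interface(fixed, client))
    print("unrelated destination:    ", reply_interface(fixed, "192.0.2.7"))
```

The static route only helps for client networks known in advance, which is the constraint the question raises.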